CN113987475A - Distributed resource management system, distributed resource management method, credential information management system, and medium - Google Patents

Distributed resource management system, distributed resource management method, credential information management system, and medium Download PDF

Info

Publication number
CN113987475A
CN113987475A CN202111231326.1A CN202111231326A CN113987475A CN 113987475 A CN113987475 A CN 113987475A CN 202111231326 A CN202111231326 A CN 202111231326A CN 113987475 A CN113987475 A CN 113987475A
Authority
CN
China
Prior art keywords
node
nodes
effective
resource
activity detection
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111231326.1A
Other languages
Chinese (zh)
Inventor
杨畅
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Taikang Insurance Group Co Ltd
Taikang Online Property Insurance Co Ltd
Original Assignee
Taikang Insurance Group Co Ltd
Taikang Online Property Insurance Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Taikang Insurance Group Co Ltd, Taikang Online Property Insurance Co Ltd filed Critical Taikang Insurance Group Co Ltd
Priority to CN202111231326.1A priority Critical patent/CN113987475A/en
Publication of CN113987475A publication Critical patent/CN113987475A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Bioethics (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Medical Informatics (AREA)
  • Databases & Information Systems (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The present disclosure relates to the field of internet technologies, and in particular, to a distributed resource management system and method, a risk guarantee contract credential information management system and method, a storage medium, and an electronic device. The resource management system includes: the gateway routing module is connected with the terminal module and the gateway routing module; the terminal module is used for acquiring information resources and encrypting the information resources to obtain encrypted resources; the gateway routing module is used for performing activity detection on nodes in the interplanetary file system layer according to the prestored node identification, determining effective nodes in the interplanetary file system layer according to the activity detection result and maintaining the number of the effective nodes; and the resource processing module is used for maintaining the multi-level node linked list corresponding to the effective nodes according to the activity detection result and the number of the effective nodes and scheduling the target effective nodes to process the encrypted resources by utilizing the multi-level node linked list. According to the method and the device, the effective nodes are detected and the effective nodes are dispatched to process the encrypted resources by utilizing the node linked list, so that the resource storage safety is improved, and the resource processing efficiency is improved.

Description

Distributed resource management system, distributed resource management method, credential information management system, and medium
Technical Field
The present disclosure relates to the field of internet technologies, and in particular, to a distributed resource management system and method, a risk guarantee contract credential information management system and method, a computer storage medium, and an electronic device.
Background
With the rapid increase of business volume under many scenes, file resources which are many times more than the conventional file resources need to be saved, and many business scenes relate to a large amount of client private data such as risk guarantee contract voucher information and the like, so that higher requirements are put on resource management, namely, the safe and reliable storage of information resources is ensured while the storage capacity is ensured.
In the related technology, the traditional relational database or the maintenance based on various big data processing engines is used for processing mass data resources, complex technology and high physical equipment cost and bandwidth cost are needed, and the safety of mass data storage is difficult to guarantee because a central node is down and a network is unreliable or data is easily tampered or lost due to hacker attack.
It is to be noted that the information invented in the background section above is only for enhancement of understanding of the background of the present disclosure, and thus may include information that does not constitute prior art known to those of ordinary skill in the art.
Disclosure of Invention
The purpose of the present disclosure is to provide a distributed resource management system and method, a risk guarantee contract credential information management system and method, a computer storage medium, and an electronic device, so as to improve the safety and reliability of mass resource information storage and the processing efficiency of resource information to at least a certain extent.
Additional features and advantages of the disclosure will be set forth in the detailed description which follows, or in part will be obvious from the description, or may be learned by practice of the disclosure.
According to one aspect of the present disclosure, a distributed resource management system is provided, the system including a terminal module, a gateway routing module, a resource processing module, and an interplanetary file system layer for storing information resources; the terminal module is used for acquiring information resources and encrypting the information resources to obtain encrypted resources; the gateway routing module is used for performing activity detection on the nodes in the interplanetary file system layer according to the prestored node identification, determining effective nodes in the interplanetary file system layer according to an activity detection result and maintaining the number of the effective nodes according to the activity detection result; and the resource processing module is used for maintaining a multi-level node linked list corresponding to the effective nodes according to the activity detection result and the number of the effective nodes, and scheduling target effective nodes to process the encrypted resources by using the multi-level node linked list.
In an exemplary embodiment of the present disclosure, the gateway routing module includes: the activity detection unit is used for performing activity detection on the nodes in the interplanetary file system layer according to the prestored node identification so as to filter the downtime nodes with changed node identifications; the supplementary node determining unit is used for randomly detecting a target node when nodes with the number larger than a preset number threshold are filtered, searching for activated and healthy nodes by taking the target node as a center and taking a preset distance value as a radius to obtain supplementary nodes; and the identification configuration unit is used for distributing node identifications to the target node and the supplementary node and taking the target node and the supplementary node with the node identifications as the effective nodes.
In an exemplary embodiment of the present disclosure, the resource processing module includes: a node chain table maintenance unit, configured to divide the effective nodes into a multi-level node table, where the multi-level node table includes a cache node table and a core node table, and the number of nodes in the cache node table is less than the number of nodes in the core node table; a node update unit, configured to update the supplementary node to the core node table; and the node synchronization unit is used for synchronizing the supplementary nodes in the core node table to the cache node table according to a preset time interval.
In an exemplary embodiment of the present disclosure, the resource processing module further includes: the node scheduling unit is used for responding to the resource processing request from the terminal module and acquiring a target effective node from the cache node table; the node scheduling unit is further configured to acquire the target valid node from the core node table when the target valid node does not exist in the cache node table.
In an exemplary embodiment of the present disclosure, the resource processing module further includes: an encryption unit, configured to encrypt a key of the encrypted resource; the encryption unit is also used for encrypting the information resources which are not encrypted by the terminal module in the information resources; and the storage unit is used for storing the encrypted resources encrypted by the encryption unit in the effective node.
In an exemplary embodiment of the present disclosure, the resource processing module further includes: the naming unit is used for naming the encrypted resources stored in the effective nodes and storing the corresponding relation between the actual names of the effective nodes and the naming results; and the naming result feedback unit is used for feeding back the corresponding relation to the terminal module.
In an exemplary embodiment of the present disclosure, the resource processing module further includes: a path planning unit, configured to plan a query path to an effective node corresponding to the resource query operation instruction in response to the resource query operation instruction carrying the corresponding relationship from the terminal module; the path planning unit is further configured to feed back the query path to the target effective node, so as to execute a query operation according to the query path through the target effective node.
According to one aspect of the disclosure, a management system for risk guarantee contract voucher information is provided, which includes a terminal module, a gateway routing module, a resource processing module and an interplanetary file system layer for storing risk guarantee contract voucher information; the terminal module is used for acquiring risk guarantee contract voucher information and encrypting the information to obtain encrypted risk guarantee contract voucher information; the gateway routing module is used for performing activity detection on the nodes in the interplanetary file system layer according to the prestored node identification, determining effective nodes in the interplanetary file system layer according to an activity detection result and maintaining the number of the effective nodes according to the activity detection result; and the resource processing module is used for maintaining a node linked list corresponding to the effective nodes according to the activity detection result and the number of the effective nodes, and scheduling target effective nodes by utilizing the node linked list to process the encrypted risk guarantee contract voucher information.
According to an aspect of the present disclosure, there is provided a distributed resource management method applied to any one of the foregoing distributed resource management systems, including: the terminal module acquires information resources and encrypts the information resources to obtain encrypted resources; the gateway routing module performs activity detection on the nodes in the interplanetary file system layer according to the prestored node identification, determines effective nodes in the interplanetary file system layer according to the activity detection result and maintains the number of the effective nodes according to the activity detection result; and the resource processing module maintains the node linked list corresponding to the effective node according to the activity detection result and the number of the effective nodes, and schedules the target effective node to process the encrypted resource by using the node linked list.
According to an aspect of the present disclosure, there is provided a method for managing risk guarantee contract credential information, including: the terminal module acquires the risk guarantee contract voucher information and encrypts the information to obtain encrypted risk guarantee contract voucher information; the gateway routing module performs activity detection on the nodes in the interplanetary file system layer according to the prestored node identification, determines effective nodes in the interplanetary file system layer according to the activity detection result and maintains the number of the effective nodes according to the activity detection result; and the resource processing module maintains a node chain table corresponding to the effective nodes according to the activity detection result and the number of the effective nodes, and schedules target effective nodes by utilizing the node chain table to process the encrypted risk guarantee contract voucher information.
According to an aspect of the present disclosure, there is provided a computer storage medium having a computer program stored thereon, the computer program, when executed by a processor, implementing any one of the above-described distributed resource management methods or risk support contract credential information management methods.
According to an aspect of the present disclosure, there is provided an electronic device including: a processor; and a memory for storing executable instructions of the processor; wherein the processor is configured to execute any one of the above-mentioned distributed resource management methods or risk support contract credential information management methods via execution of the executable instructions.
The distributed resource management system in the exemplary embodiment of the present disclosure includes a terminal module, a gateway routing module, a resource processing module, and an interplanetary file system file layer for storing information resources; the terminal module is used for acquiring information resources and encrypting the information resources to obtain encrypted resources; the gateway routing module is used for performing activity detection on the nodes in the interplanetary file system layer according to the prestored node identification, determining effective nodes in the interplanetary file system layer according to the activity detection result and maintaining the number of the effective nodes according to the activity detection result; and the resource processing module is used for maintaining the multi-level node linked list corresponding to the effective nodes according to the activity detection result and the number of the effective nodes, and scheduling the target effective nodes to process the encrypted resources by using the multi-level node linked list.
On one hand, the gateway routing module performs activity detection on the nodes in the interplanetary file system layer according to the prestored node identification to obtain effective nodes, and filters out illegal nodes and down nodes, so that resource loss leakage caused by down of a central node, network attack or virus lasso of information resources is avoided; meanwhile, the number of effective nodes is maintained based on the activity detection result, so that the effective nodes with enough number can process information resources, and the processing reliability of the information resources is improved; on the other hand, the information resources are encrypted through the terminal module, the information security is improved, and the information resources are stored in the effective nodes in the interplanetary file system layer, so that the resources are distributed to a large number of nodes and are not easy to be tampered, the information security is further ensured, and the time consumed for verifying the authenticity of the file is reduced; on the other hand, the resource processing module maintains the multi-level node linked list of the effective nodes and is used for scheduling the effective nodes to process the encrypted resources, so that the storage and the query of the resources are accelerated, and the resource processing efficiency is improved.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the disclosure.
Drawings
The above and other objects, features and advantages of exemplary embodiments of the present disclosure will become readily apparent from the following detailed description read in conjunction with the accompanying drawings. Several embodiments of the present disclosure are illustrated by way of example, and not by way of limitation, in the figures of the accompanying drawings and in which:
FIG. 1 shows a schematic structural diagram of a distributed resource management system according to an exemplary embodiment of the present disclosure;
fig. 2 shows a schematic structural diagram of a gateway routing module according to an exemplary embodiment of the present disclosure;
FIG. 3 shows a schematic structural diagram of a resource handling module according to an exemplary embodiment of the present disclosure;
FIG. 4 shows a schematic structural diagram of a resource handling module according to an exemplary embodiment of the present disclosure;
FIG. 5 shows a schematic block diagram of a resource handling module according to an exemplary embodiment of the present disclosure;
FIG. 6 shows a schematic structural diagram of a resource handling module according to an exemplary embodiment of the present disclosure;
FIG. 7 shows a schematic structural diagram of a distributed resource management system according to an example embodiment of the present disclosure;
FIG. 8 shows a flowchart of a distributed resource management method according to an example embodiment of the present disclosure;
FIG. 9 shows a flowchart of a distributed resource management method according to an example embodiment of the present disclosure;
FIG. 10 shows a schematic diagram of a storage medium according to an example embodiment of the present disclosure; and
fig. 11 shows a block diagram of an electronic device according to an exemplary embodiment of the present disclosure.
In the drawings, the same or corresponding reference numerals indicate the same or corresponding parts.
Detailed Description
Exemplary embodiments will now be described more fully with reference to the accompanying drawings. The exemplary embodiments, however, may be embodied in many different forms and should not be construed as limited to the examples set forth herein; rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of exemplary embodiments to those skilled in the art. The same reference numerals in the drawings denote the same or similar structures, and thus their detailed description will be omitted.
Furthermore, the described features, structures, or characteristics may be combined in any suitable manner in one or more embodiments. In the following description, numerous specific details are provided to give a thorough understanding of embodiments of the disclosure. One skilled in the relevant art will recognize, however, that the subject matter of the present disclosure can be practiced without one or more of the specific details, or with other methods, components, devices, steps, and so forth. In other instances, well-known structures, methods, devices, implementations, or operations are not shown or described in detail to avoid obscuring aspects of the disclosure.
The block diagrams shown in the figures are functional entities only and do not necessarily correspond to physically separate entities. That is, these functional entities may be implemented in the form of software, or in one or more software-hardened modules, or in different networks and/or processor devices and/or microcontroller devices.
In many business scenes, a large amount of document data needs to be stored, and customer private data is often related, for example, in current car insurance business, information resources such as personnel, vehicles, driving information, electronic insurance policy, contracts, various business data such as pictures, videos, text files and the like exist, and with the popularization of new energy automobiles, the quantity of the reserved vehicles per capita is increased year by year, so that the car insurance business faces document resources which are many times more than the original quantity, and therefore, in order to ensure the safety of a large amount of customer data, the effective legality of the electronic insurance policy and various contracts, the information data are prevented from being leaked, tampered or damaged, and the problem that the storage of the current resources is not small and great is solved.
In the related technology, the traditional relational database or the maintenance based on various big data processing engines is used for processing mass data resources, complex technology and high physical equipment cost and bandwidth cost are needed, and the safety of mass data storage is difficult to guarantee because a central node is down and a network is unreliable or data is easily tampered or lost due to hacker attack.
The IPFS (Inter planet File System) is a p2p (point-to-point) type distributed File System, provides a high-throughput content addressing block storage model, has a hyperlink for content addressing, has no single fault node, does not need mutual trust between nodes, and distributes information resources to a large number of nodes by maintaining the IPFS network, thereby not only improving the safety and reliability of the resources, but also distributing the storage cost and the maintenance cost of mass data.
Based on this, in the exemplary embodiment of the present disclosure, a distributed resource management system is first provided. Referring to fig. 1, the distributed resource management system 100 includes a terminal module 110, a gateway routing module 120, a resource handling module 130, and an interplanetary file system layer 140 for storing information resources, and in particular,
the terminal module 110 is configured to obtain information resources and encrypt the information resources to obtain encrypted resources;
the gateway routing module 120 is configured to perform activity detection on nodes in the interplanetary file system layer 140 according to the pre-stored node identifiers, determine effective nodes in the interplanetary file system layer 140 according to the activity detection result, and maintain the number of the effective nodes according to the activity detection result;
the resource processing module 130 is configured to maintain a multi-level node chain table corresponding to the effective nodes according to the activity detection result and the number of the effective nodes, and schedule the target effective node to process the encrypted resource by using the multi-level node chain table.
According to the distributed resource management system in the embodiment, on one hand, the gateway routing module performs activity detection on the nodes in the interplanetary file system layer according to the prestored node identification to obtain effective nodes, and filters out illegal nodes and down nodes, so that resource loss leakage of information resources caused by down of a central node, network attack or virus stranger cable is avoided; meanwhile, the number of effective nodes is maintained based on the activity detection result, so that the effective nodes with enough number can process information resources, and the processing reliability of the information resources is improved; on the other hand, the information resources are encrypted through the terminal module, the information security is improved, and the information resources are stored in the effective nodes in the interplanetary file system layer, so that the resources are distributed to a large number of nodes and are not easy to be tampered, the information security is further ensured, and the time consumed for verifying the authenticity of the file is reduced; on the other hand, the resource processing module maintains the multi-level node linked list of the effective nodes and is used for scheduling the effective nodes to process the encrypted resources, so that the storage and the query of the resources are accelerated, and the resource processing efficiency is improved.
The following describes a distributed resource management system in an exemplary embodiment of the present disclosure.
The terminal module 110 is configured to obtain information resources and encrypt the information resources to obtain encrypted resources.
In an exemplary embodiment of the present disclosure, the terminal module 110 performs real-time monitoring, entry, encryption, and upload of information resources through the access terminal device; the terminal devices include, but are not limited to, a monitoring device, an Internet of Things (IOT) module, an intelligent terminal device (such as a smart phone, etc.), a service workstation, and the like. For example, for the car insurance business, the real-time monitoring and recording of the vehicle information, the encryption and the uploading of the policy and the contract can be carried out through the access terminal equipment.
The gateway routing module 120 is configured to perform activity detection on nodes in the interplanetary file system layer 140 according to the pre-stored node identifiers, determine valid nodes in the interplanetary file system layer 140 according to the activity detection result, and maintain the number of the valid nodes according to the activity detection result. In an exemplary embodiment of the present disclosure, the valid node is a node after filtering out the illegal node and the down node, and is used for processing encrypted resources, such as storage, query, and the like; in some possible embodiments, the interplanetary file system layer 140 may be a private federated IPFS network for a built enterprise, such as a distributed resource system developed based on the IPFS protocol; in some possible embodiments, the interplanetary file system 140 may be an alliance IPFS network commonly maintained by multiple enterprises or departments, for example, by building an enterprise private alliance IPFS network, and maintaining nodes in the private networking IPFS network as nodes in a public IPFS network, so that encrypted resources may be distributed to more effective nodes, the storage speed is increased, the storage cost of mass data is shared, and the repeated construction and maintenance cost of a storage layer is also reduced. The encryption resource is stored in the interplanetary file system layer 140, the resource information is uniquely determined, the private modification can cause the generation of new data, the encryption resource is distributed to a large number of different effective nodes, the encryption resource is prevented from being randomly tampered and not lost, and meanwhile, as the nodes of all parties can quickly achieve consensus, the time consumed for verifying the authenticity and the validity of the file is reduced.
In an exemplary embodiment of the present disclosure, referring to fig. 2, the gateway routing module 120 may include an activity detection unit 1201, a supplementary node determination unit 1202, and an identification configuration unit 1203; the activity detection unit 1201 is configured to perform activity detection on nodes in the interplanetary file system layer 140 according to pre-stored node identifiers, so as to filter the downtime nodes with changed node identifiers; the supplementary node determining unit 1202 is configured to randomly explore a target node when nodes larger than a preset number threshold are filtered, search for an activated and healthy node by taking the target node as a center and taking a preset distance value as a radius, and obtain a supplementary node; the identification configuration unit 1203 is configured to allocate node identifications to the target node and the supplemental nodes, and use the target node and the supplemental nodes with the node identifications as valid nodes.
Specifically, the gateway routing module 120 stores identification information of each node in advance, for example, a globally unique hash value (hash value), and can perform activity detection on each node in real time according to the node identification through the activity detection unit 1201, and if a node is down, the node identification changes, so that the down node can be filtered out; the illegal node is a node that does not have a consensus with the illegal node and does not participate in the networking, and since the gateway routing module 120 does not store the node identifier of the illegal node, the activity detection unit 1201 filters out the illegal node according to the node identifier.
Further, if there are nodes greater than the preset number threshold to be filtered, the supplementary node determining unit 1202 needs to randomly probe other nodes for supplementary to ensure that there are enough valid nodes to process the information resources; the preset number threshold and the preset distance value may be set according to actual requirements, for example, the preset number threshold is 1/2, 1/3 and the like of the number of nodes in the interplanetary file system layer, which is not particularly limited in this application.
In addition, in order to perform activity detection on the valid node according to the node identifier subsequently, the identifier configuration unit 1203 configures the node identifiers for the target node and the complementary node.
Based on this, it can be ensured by the network routing module 120 that there are a sufficient number of valid nodes to process the resource data, ensuring the reliability of information resource processing.
The resource processing module 130 is configured to maintain a multi-level node chain table corresponding to the effective nodes according to the activity detection result and the number of the effective nodes, and schedule the target effective node to process the encrypted resource by using the multi-level node chain table.
In an exemplary embodiment of the present disclosure, referring to fig. 3, the resource processing module 130 may include a node linked list maintenance unit 1301, a node update unit 1302, and a node synchronization unit 1303; the node chain table maintenance unit 1301 is configured to divide the effective nodes into multiple levels of node chain tables, specifically, the multiple levels of node chain tables include a cache node table and a core node table, and the number of nodes in the cache node table is less than the number of nodes in the core node table. Further, the node updating unit 1302 is configured to update the supplemental node determined by the supplemental node determining unit 1202 to the core node table, and then synchronize the supplemental node in the core node table to the cache node table through the node synchronizing unit 1303 according to a predetermined time interval.
Specifically, the node chain table maintenance unit 1301 divides all the effective nodes into a cache node table and a core node table, and the number of nodes in the cache node table is less than that of nodes in the core node table, so that when the resource processing module 130 schedules the effective nodes to process encrypted resources in the following process by using the cache node table and the core node table, the target effective node can be quickly and preferentially acquired from the cache node, and the core node table storing a large number of effective nodes does not need to be queried and acquired one by one, so that the efficiency of determining the target node is improved, and the processing efficiency of information resources is improved. Further, when there is a new supplemental node, the supplemental node is updated to the core node table through the node updating unit 1302, and the cache node table is not changed temporarily, so that the processing of the resource information by obtaining the target valid node through the cache node table is not affected; subsequently, the node synchronization unit 1303 may synchronize the complementary nodes in the core node table to the cache node table according to a preset time interval, where the preset time interval may be set according to an actual service processing requirement, so as not to affect the principle of processing information resources by calling effective nodes in the cache node table, and thus, it may be ensured that the complementary nodes are also supplemented in time in the cache node table, and node and information resource synchronization in the whole resource processing module is achieved.
In an exemplary embodiment of the present disclosure, with continued reference to fig. 3, the resource processing module 130 may further include a node scheduling unit 1304, configured to obtain the target valid node from the cache node table in response to the resource processing request from the terminal module 110; the node scheduling unit 1304 is further configured to obtain the target valid node from the core node table when the target valid node does not exist in the cache node table.
Specifically, the node scheduling unit 1304 may acquire the target effective node in the cache node table first according to a resource processing request of the terminal module 110, for example, a request for resource query and storage, and under a condition that a node in the cache node table may be down, for example, an effective node is not on line due to power failure, in this case, the node scheduling unit 1304 continues to acquire the target effective node from the core node, so that the target effective node can be acquired in time to process information resources, increase of response time is avoided, and processing efficiency is improved.
In an exemplary embodiment of the present disclosure, referring to fig. 4, the resource processing module 130 may include an encryption unit 1305 and a storage unit 1306; wherein the encryption unit 1305 is used for encrypting the key of the encrypted resource and/or for encrypting the information resource which is not encrypted by the terminal module 110 in the information resource.
Specifically, when a new resource needs to be added to the interplanetary file system layer 140, the encryption unit 1305 is used to encrypt the key of the encrypted resource obtained by encrypting the terminal module 110, or encrypt the unencrypted resource of the terminal module 110 in the information resource, and then package and upload the encrypted resource to the interplanetary file system layer 140, and the interplanetary file system layer 140 broadcasts and permanently stores the encrypted resource, and encrypts the key encrypted by the terminal module 110 again, so as to further ensure the storage security of the information resource, prevent tampering and leakage, and the terminal module 110 may have the unencrypted information resource, and the encryption unit 1305 can perform supplementary encryption, so as to further ensure the security of the information resource.
In some possible embodiments, the terminal module 110 may employ RSA (public key cryptography) to encrypt a target information resource in the information resources to obtain an encrypted resource, and then perform secondary Encryption on a key of the encrypted resource by using AES (Advanced Encryption Standard) through the Encryption unit 1305 to ensure safe storage of the resource, where the number of the encrypted resource encrypted by the terminal module is less than a key value of the AES; the encryption unit 1305 is further configured to encrypt the unencrypted information resource of the terminal module 110 in the information resource, that is, the data itself of the file in the information resource may be encrypted by using AES, where according to the requirement of the AES encryption algorithm, the 16-byte key and the 8-byte IV value (initialization vector) are converted into hexadecimal, and a 32-byte key and a 16-byte IV value are obtained, and then the file output after twice encryption includes a header file, an RSA encryption key + IV, and AES encrypted data of the original file. The security and the non-falsification of the information can be effectively ensured by encrypting the information resource twice, and finally, the encrypted resource encrypted by the encryption unit 1306 is stored in the valid node through the storage unit 1402.
In an exemplary embodiment of the present disclosure, referring to fig. 5, the resource processing module 130 may further include a naming unit 1307 and a naming result feedback unit 1308, wherein, the naming unit 1307 is used for naming the encrypted resources stored in the valid node, and storing the corresponding relationship between the actual name of the valid node and the naming result, the encrypted resources may be named human-machine friendly short resource names, such as simple numbers, letters or characters, or numerals, characters and characters, for a user to conveniently view and perform a resource query service based on the short resource name, for example, the actual name of the information resource is QmQhkjTcEJ7sB6VVBDkJ3weeRHA4onKo71XxGz8JuKT2n7, the named result is mylfpsFile, the mapping relationship between the actual name and the naming result is correspondingly stored so that the corresponding relationship is fed back to the terminal module 110 through the naming result feedback 1308, so as to search the actual name and obtain the resource according to the naming result.
In an exemplary embodiment of the present disclosure, the gateway routing module 120 is further configured to determine a current idle node from the active nodes as a target active node through which a specific query service can be processed. As shown in fig. 6, the resource processing module 130 may further include a path planning unit 1309, configured to plan a query path to an effective node corresponding to the resource query operation instruction in response to the resource query operation instruction from the terminal module 110 based on the corresponding relationship. Specifically, if a user initiates a resource query request through the terminal module 110, where the resource query request carries a corresponding relationship fed back to the terminal module 110 by the naming result feedback unit 1308, the path planning unit 1309 finds a corresponding effective node according to the corresponding relationship, and since the number of effective nodes is multiple, the user needs to go to each node to obtain information resources, and the path planning unit 1309 can obtain a query path leading to each effective node and determine an optimal path as a final search path, thereby greatly improving the query efficiency of the information resources. The optimal path may be a query path that takes the shortest time to query information resources.
Further, in the exemplary embodiment of the present disclosure, the path planning unit 1309 is further configured to feed back the query path to a target valid node, such as a current idle node, to which the gateway routing module 120 routes, so as to perform a query operation through the current idle node. Based on this, after obtaining the query path through path planning unit 1309, the route is routed to a reliable node to process a specific query operation, thereby reducing the response time and the waiting time of the user query.
For the above encryption method, file decryption may be performed as follows: when a target effective node carries out resource query, firstly, a file is downloaded to a memory, then an encryption key is extracted from a file title, the encryption key is decrypted by using an RSA private key, then an IV value is extracted from the title, and finally the file is decrypted by using the obtained decryption key and the IV value. It should be noted that, when other encryption algorithms are used for encrypting the information resource twice, other corresponding decryption methods may also be used, and the present application is not particularly limited.
In an exemplary embodiment of the present disclosure, referring to fig. 7, the distributed resource management system of the present disclosure may further include an authentication module 150, configured to check validity of the identity of the user who logs in the system through the terminal module 110, including right management and authentication management, so as to prevent an illegal user from operating information resources of the system. The identity information provided by a user logging in the system can be matched with the stored authentication parameters, if the identity information is matched with the stored authentication parameters, the user is allowed to log in the system to perform management operations such as storage and query of information resources, and if the identity information is not matched with the stored authentication parameters, the user is denied access to the system; it should be noted that, when the user uses the system for the first time, the user identifier is allocated to the user allowed to access, and is stored for the subsequent authentication, so that based on this, the access security of the distributed resource management system of the present disclosure is improved.
According to the distributed resource management system, the gateway routing module carries out activity detection on the nodes in the interplanetary file system layer according to the prestored node identification to obtain effective nodes, and filters out illegal nodes and down nodes, so that resource loss leakage of information resources caused by down of a central node, network attack or virus strangle is avoided; meanwhile, the number of effective nodes is maintained based on the activity detection result, so that the effective nodes with enough number can process information resources, and the processing reliability of the information resources is improved; the information resources are encrypted through the terminal module, the information security is improved, and the information resources are stored in the effective nodes in the interplanetary file system layer, so that the resources are distributed to a large number of nodes and are not easy to be tampered, the information security is further ensured, and the time consumed for verifying the authenticity of the file is reduced; the resource processing module maintains the multi-level node linked list of the effective nodes and is used for scheduling the effective nodes to process the encrypted resources, so that the storage and the query of the resources are accelerated, and the resource processing efficiency is improved.
It should be noted that although several modules or units of the distributed resource management system are mentioned in the above detailed description, such partitioning is not mandatory. Indeed, the features and functionality of two or more modules or units described above may be embodied in one module or unit, according to embodiments of the present disclosure. Conversely, the features and functions of one module or unit described above may be further divided into embodiments by a plurality of modules or units.
According to one aspect of the disclosure, a management system of risk guarantee contract voucher information is further provided, and the system comprises a terminal module, a gateway routing module, a resource processing module and an interplanetary file system layer for storing risk guarantee contract voucher information; in particular, the method comprises the following steps of,
the terminal module is used for acquiring the risk guarantee contract voucher information and encrypting the information to obtain encrypted risk guarantee contract voucher information;
the gateway routing module is used for performing activity detection on nodes in the interplanetary file system layer according to the prestored node identification, determining effective nodes in the interplanetary file system layer according to the activity detection result and maintaining the number of the effective nodes according to the activity detection result;
and the resource processing module is used for maintaining the node linked list corresponding to the effective nodes according to the activity detection result and the number of the effective nodes, and scheduling the target effective nodes by using the node linked list to process the encrypted risk guarantee contract voucher information. In an exemplary embodiment of the present disclosure, the gateway routing module includes:
the activity detection unit is used for carrying out activity detection on the nodes in the interplanetary file system layer according to the prestored node identification so as to filter the downtime nodes with the changed node identifications; the supplementary node determining unit is used for randomly detecting a target node when nodes with the number larger than a preset number threshold are filtered, searching for activated and healthy nodes by taking the target node as a center and taking a preset distance value as a radius to obtain supplementary nodes; and the identification configuration unit is used for distributing node identifications to the target node and the supplementary node and taking the target node and the supplementary node with the node identifications as effective nodes.
In an exemplary embodiment of the present disclosure, the resource processing module includes: the node chain table maintenance unit is used for dividing the effective nodes into a multi-level node chain table, the multi-level node chain table comprises a cache node table and a core node table, and the number of nodes in the cache node table is less than that of the nodes in the core node table; the node updating unit is used for updating the supplementary nodes to the core node table; and the node synchronization unit is used for synchronizing the supplementary nodes in the core node table to the cache node table according to a preset time interval.
In an exemplary embodiment of the present disclosure, the resource processing module further includes: the node scheduling unit is used for responding to a resource processing request from the terminal module and acquiring a target effective node from the cache node table; the node scheduling unit is further configured to obtain the target valid node from the core node table when the target valid node does not exist in the cache node table.
In an exemplary embodiment of the present disclosure, the resource processing module includes: the encryption unit is used for encrypting the key of the encrypted risk guarantee contract voucher information; the encryption unit is also used for encrypting the risk guarantee contract voucher information which is not encrypted by the risk guarantee contract voucher information terminal module; and the storage unit is used for storing the encrypted risk guarantee contract certificate information encrypted by the encryption unit in the effective node.
In an exemplary embodiment of the present disclosure, the resource processing module further includes: the naming unit is used for naming the encrypted risk guarantee contract voucher information stored in the effective node and storing the corresponding relation between the actual name of the effective node and the naming result; and the naming result feedback unit is used for feeding back the corresponding relation to the terminal module.
In an exemplary embodiment of the present disclosure, the resource processing module further includes: a path planning unit, configured to plan a query path to an effective node corresponding to the resource query operation instruction in response to the resource query operation instruction carrying the corresponding relationship from the terminal module; the path planning unit is further used for feeding back the query path to the target effective node so as to execute query operation according to the query path through the target effective node.
In an exemplary embodiment of the present disclosure, the system further includes: and the authentication module is used for verifying the legality of the user identity which logs in the system through the terminal module.
Since each functional module of the management system of the risk guarantee contract credential information in the exemplary embodiment of the present disclosure is the same as each functional module in the inventive embodiment of the distributed resource management system, it is not described herein again.
According to an aspect of the present disclosure, there is also provided a distributed resource management method applied to any one of the foregoing distributed resource management systems, and fig. 8 shows a flowchart of the distributed resource management method according to an exemplary embodiment of the present disclosure, as shown in fig. 8, the method includes the following steps:
step S810, the terminal module obtains information resources and encrypts the information resources to obtain encrypted resources;
step S820, the gateway routing module performs activity detection on nodes in the interplanetary file system layer according to the pre-stored node identification, determines effective nodes in the interplanetary file system layer according to the activity detection result and maintains the number of the effective nodes according to the activity detection result;
and step S830, the resource processing module maintains a node chain table corresponding to the effective nodes according to the active detection result and the number of the effective nodes, and schedules the target effective nodes to process the encrypted resources by using the node chain table.
In an exemplary embodiment of the present disclosure, performing activity detection on a node in an interplanetary file system layer according to a pre-stored node identifier, and determining an active node in the interplanetary file system layer according to an activity detection result includes:
firstly, performing activity detection on nodes in an interplanetary file system layer according to prestored node identifiers so as to filter downtime nodes with changed node identifiers; secondly, when nodes with the number larger than a preset number threshold value are filtered, randomly detecting a target node, searching for an activated and healthy node by taking the target node as a center and taking a preset distance value as a radius to obtain a supplementary node; and finally, distributing node identifications for the target node and the supplementary node, and taking the target node and the supplementary node with the node identifications as effective nodes.
In an exemplary embodiment of the present disclosure, the performing, by a gateway routing module, activity detection on a node in an interplanetary file system layer according to a pre-stored node identifier, determining an effective node in the interplanetary file system layer according to an activity detection result, and maintaining the number of the effective nodes according to the activity detection result includes:
firstly, dividing effective nodes into a multi-level node linked list, wherein the multi-level node linked list comprises a cache node list and a core node list, and the number of nodes in the cache node list is less than that of nodes in the core node list; secondly, updating the supplementary nodes to a core node table; and finally, synchronizing the supplementary nodes in the core node table to the cache node table according to a preset time interval.
The method can also respond to a resource processing request from the terminal module, obtain the target effective node from the cache node table, and obtain the target effective node from the core node table when the target effective node does not exist in the cache node table.
In an exemplary embodiment of the present disclosure, maintaining a node chain table corresponding to an effective node according to an active detection result and the number of effective nodes, and scheduling a target effective node to process an encrypted resource using the node chain table further includes:
firstly, encrypting a key of the encrypted resource; secondly, encrypting the information resources which are not encrypted by the terminal module in the information resources; and finally, storing the encrypted resources subjected to the secondary encryption in the effective node.
In an exemplary embodiment of the present disclosure, scheduling an active node to process encrypted resources includes:
and naming the encrypted resources stored in the effective nodes, storing the corresponding relation between the actual names of the effective nodes and the naming result, and feeding back the corresponding relation to the terminal module.
In an exemplary embodiment of the present disclosure, scheduling the active node to process the encrypted resource further includes:
responding to a resource query operation instruction carrying a corresponding relation from a terminal module, and planning a query path to an effective node corresponding to the resource query operation instruction; and feeding back the query path to the target effective node to execute query operation according to the query path through the target effective node, wherein the target effective node can be an idle node or an effective node storing data to be queried.
In an exemplary embodiment of the present disclosure, before collecting and encrypting the information resource by the terminal module, the method further includes: and verifying the validity of the user identity logging in the system through the terminal module.
The following describes the distributed resource management method of the present disclosure in detail with reference to fig. 9:
in step S910, when a terminal user logs in the distributed resource management system through the terminal module, the terminal user is authenticated through the authentication module to control whether the user logs in, if the user logs in the system through the authentication, the user is allowed to log in the system, and if the user does not log in the system through the authentication, the user is denied login access;
in step S920, performing activity detection on nodes in the interplanetary file system layer by using the gateway routing module, and filtering out illegal nodes and down nodes to obtain valid nodes;
in step S930, when an information resource needs to be newly added to the interplanetary file system layer, performing secondary encryption on the encrypted resource encrypted by the terminal module through the resource processing module, packaging and uploading the secondary encrypted resource to an effective node in the interplanetary file system layer, and performing broadcasting;
in step S940, the resource processing module names the secondary encrypted resources stored in the valid node to obtain a man-machine friendly short resource name, and feeds the name back to the terminal module;
in step S950, when an information resource needs to be queried, in response to a resource query operation instruction based on a short resource name by the terminal module, a query path to an effective node corresponding to the resource query operation instruction is planned and fed back to a current idle node, so as to perform a query operation through the current idle node; the current idle node can be acquired from the cache node table through the node scheduling unit, or acquired from the core node table when the cache node table is not acquired.
The distributed resource management method based on the present disclosure can store massive information resources such as internet of things and internet of vehicles, and permanently store the information resources to the effective nodes on the IPFS chain, thereby avoiding data damage, loss or leakage caused by central node downtime, network attack, and network virus lasso, greatly reducing response time of data query, reducing physical device cost and bandwidth cost, and being widely applied to service scenarios requiring storage of a large amount of information resources, such as vehicle insurance, human life insurance, and other resource management industries relating to a large amount of private information.
Since each functional module in the distributed resource management method according to the exemplary embodiment of the present disclosure is the same as that in the embodiment of the distributed resource management system, it is not described herein again.
According to an aspect of the present disclosure, there is also provided a method for managing risk guarantee contract credential information, the method including:
the terminal module acquires the risk guarantee contract voucher information and encrypts the information to obtain encrypted risk guarantee contract voucher information;
the gateway routing module performs activity detection on nodes in the interplanetary file system layer according to the prestored node identification, determines effective nodes in the interplanetary file system layer according to the activity detection result and maintains the number of the effective nodes according to the activity detection result;
and the resource processing module maintains the node linked list corresponding to the effective nodes according to the activity detection result and the number of the effective nodes, and schedules the target effective nodes to process the encrypted risk guarantee contract voucher information by utilizing the node linked list. In an exemplary embodiment of the present disclosure, performing activity detection on a node in an interplanetary file system layer according to a pre-stored node identifier, and determining an active node in the interplanetary file system layer according to an activity detection result includes:
firstly, performing activity detection on nodes in an interplanetary file system layer according to prestored node identifiers so as to filter downtime nodes with changed node identifiers; secondly, when nodes with the number larger than a preset number threshold value are filtered, randomly detecting a target node, searching for an activated and healthy node by taking the target node as a center and taking a preset distance value as a radius to obtain a supplementary node; and finally, distributing node identifications for the target node and the supplementary node, and taking the target node and the supplementary node with the node identifications as effective nodes.
In an exemplary embodiment of the present disclosure, the performing, by a gateway routing module, activity detection on a node in an interplanetary file system layer according to a pre-stored node identifier, determining an effective node in the interplanetary file system layer according to an activity detection result, and maintaining the number of the effective nodes according to the activity detection result includes:
firstly, dividing effective nodes into a multi-level node linked list, wherein the multi-level node linked list comprises a cache node list and a core node list, and the number of nodes in the cache node list is less than that of nodes in the core node list; secondly, updating the supplementary nodes to a core node table; and finally, synchronizing the supplementary nodes in the core node table to the cache node table according to a preset time interval.
The method can also respond to a resource processing request from the terminal module, obtain the target effective node from the cache node table, and obtain the target effective node from the core node table when the target effective node does not exist in the cache node table.
In an exemplary embodiment of the present disclosure, maintaining a node chain table corresponding to an effective node according to an activity detection result and the number of effective nodes, and processing encrypted risk guarantee contract credential information by using a node chain table scheduling target effective node, further includes:
encrypting a key of the encrypted risk guarantee contract voucher information; secondly, encrypting the risk guarantee contract voucher information which is not encrypted by the terminal module in the risk guarantee contract voucher information; and finally, storing the encrypted risk guarantee contract certificate information after the secondary encryption in an effective node.
In an exemplary embodiment of the present disclosure, scheduling an active node to process encrypted risk guarantee contract credential information includes:
and naming the encrypted risk guarantee contract voucher information stored in the effective node, storing the corresponding relation between the actual name of the effective node and the naming result, and feeding back the corresponding relation to the terminal module.
In an exemplary embodiment of the present disclosure, the scheduling of the valid node to process the encrypted risk guarantee contract credential information further includes:
responding to a resource query operation instruction carrying a corresponding relation from a terminal module, and planning a query path to an effective node corresponding to the resource query operation instruction; and feeding back the query path to the target effective node to execute query operation according to the query path through the target effective node, wherein the target effective node can be an idle node or an effective node storing data to be queried.
In an exemplary embodiment of the present disclosure, before acquiring and encrypting risk guarantee contract credential information by a terminal module, the method further includes: and verifying the validity of the user identity logging in the system through the terminal module.
Since each functional module in the method for managing risk guarantee contract credential information according to the exemplary embodiment of the present disclosure is the same as that in the embodiment of the present invention of the system for managing risk guarantee contract credential information, it is not described herein again.
In addition, in the exemplary embodiments of the present disclosure, a computer storage medium capable of implementing the above method is also provided. On which a program product capable of implementing the above-described method of the present specification is stored. In some possible embodiments, aspects of the present disclosure may also be implemented in the form of a program product comprising program code for causing a terminal device to perform the steps according to various exemplary embodiments of the present disclosure described in the "exemplary methods" section above of this specification, when the program product is run on the terminal device.
Referring to fig. 10, a program product 1000 for implementing the above method according to an exemplary embodiment of the present disclosure is described, which may employ a portable compact disc read only memory (CD-ROM) and include program code, and may be run on a terminal device, such as a personal computer. However, the program product of the present disclosure is not limited thereto, and in this document, a readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
The program product may employ any combination of one or more readable media. The readable medium may be a readable signal medium or a readable storage medium. A readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium include: an electrical connection having one or more wires, a portable disk, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
A computer readable signal medium may include a propagated data signal with readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A readable signal medium may also be any readable medium that is not a readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
Program code embodied on a readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Program code for carrying out operations for the present disclosure may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device and partly on a remote computing device, or entirely on the remote computing device or server. In the case of a remote computing device, the remote computing device may be connected to the user computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computing device (e.g., through the internet using an internet service provider).
In addition, in an exemplary embodiment of the present disclosure, an electronic device capable of implementing the above method is also provided. As will be appreciated by one skilled in the art, aspects of the present disclosure may be embodied as a system, method or program product. Accordingly, various aspects of the present disclosure may be embodied in the form of: an entirely hardware embodiment, an entirely software embodiment (including firmware, microcode, etc.) or an embodiment combining hardware and software aspects that may all generally be referred to herein as a "circuit," module "or" system.
An electronic device 1100 according to such an embodiment of the disclosure is described below with reference to fig. 11. The electronic device 1100 shown in fig. 11 is only an example and should not bring any limitations to the function and scope of use of the embodiments of the present disclosure.
As shown in fig. 11, electronic device 1100 is embodied in the form of a general purpose computing device. The components of the electronic device 1100 may include, but are not limited to: the at least one processing unit 1110, the at least one memory unit 1120, a bus 1130 connecting different system components (including the memory unit 1120 and the processing unit 1110), and a display unit 1140.
Wherein the storage unit stores program code that is executable by the processing unit 1110 to cause the processing unit 1110 to perform steps according to various exemplary embodiments of the present disclosure as described in the above section "exemplary methods" of the present specification.
The storage unit 1120 may include readable media in the form of volatile storage units, such as a random access memory unit (RAM)1121 and/or a cache memory unit 1122, and may further include a read-only memory unit (ROM) 1123.
The storage unit 1120 may also include a program/utility 1124 having a set (at least one) of program modules 1125, such program modules 1125 including, but not limited to: an operating system, one or more application programs, other program modules, and program data, each of which, or some combination thereof, may comprise an implementation of a network environment.
Bus 1130 may be representative of one or more of several types of bus structures, including a memory unit bus or memory unit controller, a peripheral bus, an accelerated graphics port, a processing unit, or a local bus using any of a variety of bus architectures.
The electronic device 1100 may also communicate with one or more external devices 1200 (e.g., keyboard, pointing device, bluetooth device, etc.), with one or more devices that enable a user to interact with the electronic device 1100, and/or with any devices (e.g., router, modem, etc.) that enable the electronic device 1100 to communicate with one or more other computing devices. Such communication may occur via an input/output (I/O) interface 1150. Also, the electronic device 1100 may communicate with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network such as the internet) via the network adapter 1160. As shown, the network adapter 1160 communicates with the other modules of the electronic device 1100 over the bus 1130. It should be appreciated that although not shown, other hardware and/or software modules may be used in conjunction with the electronic device 1100, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, and data backup storage systems, among others.
Through the above description of the embodiments, those skilled in the art will readily understand that the exemplary embodiments described herein may be implemented by software, or by software in combination with necessary hardware. Therefore, the technical solution according to the embodiments of the present disclosure may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (which may be a CD-ROM, a usb disk, a removable hard disk, etc.) or on a network, and includes several instructions to enable a computing device (which may be a personal computer, a server, a terminal device, or a network device, etc.) to execute the method according to the embodiments of the present disclosure.
Furthermore, the above-described figures are merely schematic illustrations of processes included in methods according to exemplary embodiments of the present disclosure, and are not intended to be limiting. It will be readily understood that the processes shown in the above figures are not intended to indicate or limit the chronological order of the processes. In addition, it is also readily understood that these processes may be performed synchronously or asynchronously, e.g., in multiple modules.
Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure disclosed herein. This disclosure is intended to cover any variations, uses, or adaptations of the disclosure following, in general, the principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.
It will be understood that the present disclosure is not limited to the precise arrangements described above and shown in the drawings and that various modifications and changes may be made without departing from the scope thereof. The scope of the present disclosure is to be limited only by the terms of the appended claims.

Claims (11)

1. A distributed resource management system is characterized by comprising a terminal module, a gateway routing module, a resource processing module and an interplanetary file system layer for storing information resources;
the terminal module is used for acquiring information resources and encrypting the information resources to obtain encrypted resources;
the gateway routing module is used for performing activity detection on the nodes in the interplanetary file system layer according to the prestored node identification, determining effective nodes in the interplanetary file system layer according to an activity detection result and maintaining the number of the effective nodes according to the activity detection result;
and the resource processing module is used for maintaining a multi-level node linked list corresponding to the effective nodes according to the activity detection result and the number of the effective nodes, and scheduling target effective nodes to process the encrypted resources by using the multi-level node linked list.
2. The system of claim 2, wherein the gateway routing module comprises:
the activity detection unit is used for performing activity detection on the nodes in the interplanetary file system layer according to the prestored node identification so as to filter the downtime nodes with changed node identifications;
the supplementary node determining unit is used for randomly detecting a target node when nodes with the number larger than a preset number threshold are filtered, searching for activated and healthy nodes by taking the target node as a center and taking a preset distance value as a radius to obtain supplementary nodes;
and the identification configuration unit is used for distributing node identifications to the target node and the supplementary node and taking the target node and the supplementary node with the node identifications as the effective nodes.
3. The system of claim 2, the resource processing module comprising:
a node linked list maintenance unit, configured to divide the effective nodes into a multi-level node linked list, where the multi-level node linked list includes a cache node list and a core node list, and the number of nodes in the cache node list is less than the number of nodes in the core node list;
a node update unit, configured to update the supplementary node to the core node table;
and the node synchronization unit is used for synchronizing the supplementary nodes in the core node table to the cache node table according to a preset time interval.
4. The system of claim 3, the resource processing module further comprising:
the node scheduling unit is used for responding to the resource processing request from the terminal module and acquiring a target effective node from the cache node table;
the node scheduling unit is further configured to acquire the target valid node from the core node table when the target valid node does not exist in the cache node table.
5. The system of claim 1, wherein the resource handling module further comprises:
an encryption unit, configured to encrypt a key of the encrypted resource; the encryption unit is also used for encrypting the information resources which are not encrypted by the terminal module in the information resources;
and the storage unit is used for storing the encrypted resources encrypted by the encryption unit in the effective node.
6. The system of claim 5, wherein the resource handling module further comprises:
the naming unit is used for naming the encrypted resources stored in the effective nodes and storing the corresponding relation between the actual names of the effective nodes and the naming results;
and the naming result feedback unit is used for feeding back the corresponding relation to the terminal module.
7. The system of claim 6, wherein the resource handling module further comprises:
a path planning unit, configured to plan a query path to an effective node corresponding to the resource query operation instruction in response to the resource query operation instruction carrying the corresponding relationship from the terminal module;
the path planning unit is further configured to feed back the query path to the target effective node, so as to execute a query operation according to the query path through the target effective node.
8. A management system for risk guarantee contract voucher information is characterized by comprising a terminal module, a gateway routing module, a resource processing module and an interplanetary file system layer for storing the risk guarantee contract voucher information;
the terminal module is used for acquiring risk guarantee contract voucher information and encrypting the information to obtain encrypted risk guarantee contract voucher information;
the gateway routing module is used for performing activity detection on the nodes in the interplanetary file system layer according to the prestored node identification, determining effective nodes in the interplanetary file system layer according to an activity detection result and maintaining the number of the effective nodes according to the activity detection result;
and the resource processing module is used for maintaining a node linked list corresponding to the effective nodes according to the activity detection result and the number of the effective nodes, and scheduling target effective nodes by utilizing the node linked list to process the encrypted risk guarantee contract voucher information.
9. A distributed resource management method applied to the system of any one of claims 1 to 7, comprising:
the terminal module acquires information resources and encrypts the information resources to obtain encrypted resources;
the gateway routing module performs activity detection on the nodes in the interplanetary file system layer according to the prestored node identification, determines effective nodes in the interplanetary file system layer according to the activity detection result and maintains the number of the effective nodes according to the activity detection result;
and the resource processing module maintains the node linked list corresponding to the effective node according to the activity detection result and the number of the effective nodes, and schedules the target effective node to process the encrypted resource by using the node linked list.
10. A storage medium having stored thereon a computer program which, when executed by a processor, implements the distributed resource management method of claim 9.
11. An electronic device, comprising: a processor; and a memory for storing executable instructions of the processor; wherein the processor is configured to perform the distributed resource management method of claim 9 via execution of the executable instructions.
CN202111231326.1A 2021-10-22 2021-10-22 Distributed resource management system, distributed resource management method, credential information management system, and medium Pending CN113987475A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111231326.1A CN113987475A (en) 2021-10-22 2021-10-22 Distributed resource management system, distributed resource management method, credential information management system, and medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111231326.1A CN113987475A (en) 2021-10-22 2021-10-22 Distributed resource management system, distributed resource management method, credential information management system, and medium

Publications (1)

Publication Number Publication Date
CN113987475A true CN113987475A (en) 2022-01-28

Family

ID=79740204

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111231326.1A Pending CN113987475A (en) 2021-10-22 2021-10-22 Distributed resource management system, distributed resource management method, credential information management system, and medium

Country Status (1)

Country Link
CN (1) CN113987475A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114567647A (en) * 2022-02-28 2022-05-31 浪潮云信息技术股份公司 Distributed cloud file storage method and system based on IPFS

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114567647A (en) * 2022-02-28 2022-05-31 浪潮云信息技术股份公司 Distributed cloud file storage method and system based on IPFS

Similar Documents

Publication Publication Date Title
CN111541785B (en) Block chain data processing method and device based on cloud computing
JP7267293B2 (en) Systems and methods of device identification and blockchain services for enrollment and registration of connected endpoint devices
AU2020200073B2 (en) Method and apparatus for multi-tenancy secrets management
US11115418B2 (en) Registration and authorization method device and system
US10021143B2 (en) Method and apparatus for multi-tenancy secrets management in multiple data security jurisdiction zones
KR20200099543A (en) A system and method for recording device lifecycle transactions as version blocks in a blockchain network using transaction connector and broker services
CN103098070B (en) For the methods, devices and systems of Data Position in monitoring network service
US9219722B2 (en) Unclonable ID based chip-to-chip communication
CN111914269A (en) Data security sharing method and system under block chain and cloud storage environment
CN105873031B (en) Distributed unmanned plane cryptographic key negotiation method based on credible platform
US20140282840A1 (en) Managing data handling policies
US11121876B2 (en) Distributed access control
US10771261B1 (en) Extensible unified multi-service certificate and certificate revocation list management
US8140853B2 (en) Mutually excluded security managers
KR20200087327A (en) System and method for providing data reliability based on blockchain for iot services
US10990692B2 (en) Managing data handling policies
EP3537684A1 (en) Apparatus, method, and program for managing data
CN114239046A (en) Data sharing method
CN110910110B (en) Data processing method and device and computer storage medium
US20220150323A1 (en) User profile distribution and deployment systems and methods
CN117118640A (en) Data processing method, device, computer equipment and readable storage medium
CN113987475A (en) Distributed resource management system, distributed resource management method, credential information management system, and medium
WO2024027665A1 (en) Data fusion method, devices, data fusion system, and storage medium
Feng et al. Autonomous vehicles' forensics in smart cities
CN110995454A (en) Service verification method and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination